# </acls/rebels>
<> a webac:Acl;
ldp:contains <commanders-plans>
ldp:contains <pilots-plans>;
ldp:contains <pilots-flight-plans>.
# </acls/rebels/commanders-plans>
# commanders...
<> a acl:Authorization;
# ...listed in this group...
acl:agentClass </groups/rebel-commanders>;
# ...have read-write access to...
acl:mode acl:Read, acl:Write;
# ...the plans
acl:accessTo </collections/rebels/plans>.
# </acls/rebels/pilots-plans>
# but pilots...
<> a acl:Authorization;
# ...listed in this group...
acl:agentClass </groups/rebel-pilots>;
# ...have read-only access to...
acl:mode acl:Read;
# ...the plans
acl:accessTo </collections/rebels/plans>.
# </acls/rebels/pilots-flight-plans>
# however, pilots...
<> a acl:Authorization;
# ...listed in this group...
acl:agentClass </groups/rebel-pilots>;
# ...do have read-write access to...
acl:mode acl:Read, acl:Write;
# ...their flight plan documents
acl:accessToClass ex:FlightPlan.
# </collections/rebels/plans>
# this resource is protected by the ACL at this URI
<> acl:accessControl </acls/rebels> .
# </collections/rebels/flights>
# this collection also specifies an ACL so all of its child resources will be
# covered by an ACL
<> a ldp:BasicContainer;
acl:accessControl </acls/rebels>;
ldp:contains <trench-run>.
# </collections/rebels/flights/trench-run>
# users in the group rebel-pilots will have read-write access to this resource
<> a ex:FlightPlan. |